Engineering Cyber Resiliency - A Pragmatic Approach

Description

Absolute security is science fantasy, and perfection is the enemy of good. Good engineers realize the wisdom of that statement, and strive to develop tools, abstractions, and mechanisms that provide desired properties (like resiliency) with known certainty. But providing such properties at a specified level is easier said than done, especially for properties that are probabilistic and systems that are complex distributed combinations of hardware and software.

This talk explores attempts to provide cyber resiliency in systems that are used in critical applications. It argues that CAD tools are needed at design time to choose between alternative resiliency mechanisms, and that resiliency mechanisms are needed that provide redundancy, diversity, and adaptive behavior. It also argues that runtime sensing mechanisms need to correlate information from diverse sensors to expose attackers. Finally, it argues that by focusing on adaptation mechanisms that operate on effects rather than attacks, a system can tolerate many zero-day attacks. Taken together, we describe our work towards a pragmatic, but not perfect, approach to engineer resiliency into cyber systems for use in critical applications.

About the Speaker: William H. Sanders is a Donald Biggar Willett Professor of Engineering and the Head of the Department of Electrical and Computer Engineering (www.ece.illinois.edu) at the University of Illinois at Urbana-Champaign (illinois.edu). He is a professor in the Department of Electrical and Computer Engineering and in the Department of Computer Science. He is a Fellow of the IEEE, the ACM, and the AAAS; a past Chair of the IEEE Technical Committee on Fault-Tolerant Computing; and past Vice-Chair of the IFIP Working Group 10.4 on Dependable Computing. He was the founding Director of the Information Trust Institute (www.iti.illinois.edu) at Illinois (2004-2011), and served as Director of the Coordinated Science Laboratory (www.csl.illinois.edu) at Illinois from 2010 to 2014.

Dr. Sanders's research interests include secure and dependable computing and security and dependability metrics and evaluation, with a focus on critical infrastructures. He has published more than 270 technical papers in those areas. He served as the Director and PI of the DOE/DHS Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) Center (tcipg.org), which did research at the forefront of national efforts to make the U.S. power grid smart and resilient. He was the 2016 recipient of the IEEE Technical Field Award, Innovation in Societal Infrastructure, for assessment-driven design of trustworthy cyber infrastructures for societal-scale systems.

Speaker Abstract and Bio can be found here: http://ee380.stanford.edu/Abstracts/1...

Syllabus

Introduction.
Cyber Security Facts (according to Sanders).
THE CRITICAL NEED: Provide Assured Trustworthy System Operation in Hostile Environments.
Engineering in Resiliency: Trust Specification, Design, Implementation, and Validation.
Resiliency Design Challenges.
Notional Architecture for Resiliency.
Challenges in Providing Cyber Resiliency.
Example 1: E-commerce System with Accidental Failures SRDS.
Recovery Engine Architecture.
Example 2: Recovery and Response Approach for Malicious Attacks (DSN'09, IEEE Trans. Par. & Dist. Sys 2014).
Monitor Placement Methodology (DSN'16).
Monitor Fusion Algorithms (SRDS'16).
Trust Assessment Challenge.
Quantifying Resiliency.
Practical Applications of Security Metrics.
Contrasting Approaches.
